AIOS-12-010700 - Apple iOS must implement the management setting: not allow automatic completion of Safari browser passcodes.

Information

The AutoFill functionality in the Safari web browser allows the user to complete a form that contains sensitive information, such as PII, without previous knowledge of the information. By allowing the use of the AutoFill functionality, an adversary who learns a user's Apple iOS device passcode, or who otherwise is able to unlock the device, may be able to further breach other systems by relying on the AutoFill feature to provide information unknown to the adversary. By disabling the AutoFill functionality, the risk of an adversary gaining further information about the device's user or compromising other systems is significantly mitigated.

SFR ID: FMT_SMF_EXT.1.1 #47

Solution

Install a configuration profile to disable the 'AutoFill' capability in the Safari app.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_iOS_12_V2R1_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6(1), 800-53|CM-6b., 800-53|CM-7a., CAT|III, CCI|CCI-000366, CCI|CCI-000370, CCI|CCI-000381, Rule-ID|SV-237258r642326_rule, STIG-ID|AIOS-12-010700, STIG-Legacy|SV-96525, STIG-Legacy|V-81811, Vuln-ID|V-237258

Plugin: MDM

Control ID: 18c08f652aef02b1ed6a8308396644956fa196d2e2e6ea2066b8f12ecf877661